SYSTEM AND METHOD FOR SCANNING FOR COMPUTER VULNERABILITIES IN A NETWORK ENVIRONMENT
First Claim
1. A method comprising:
- identifying a set of known vulnerabilities and a set of new vulnerabilities in an asset;
selecting one or more scripts comprising checks for vulnerabilities included in a union of the set of known vulnerabilities and the set of new vulnerabilities; and
using the selected scripts to scan the asset.
10 Assignments
0 Petitions
Accused Products
Abstract
A method in one embodiment includes identifying a set of known vulnerabilities and a set of new vulnerabilities in an asset, selecting one or more scripts that include checks for vulnerabilities in a union of the set of known vulnerabilities and the set of new vulnerabilities, and using the selected scripts to scan the asset. Known vulnerabilities and new vulnerabilities may be identified by accessing results of previous scans on the asset. The method may also include identifying a plurality of assets to scan in a network, identifying a plurality of sets of known vulnerabilities and a plurality of sets of new vulnerabilities in substantially all assets in the plurality of assets, and inserting checks for vulnerabilities included in a union of the plurality of sets of known vulnerabilities and the plurality of sets of new vulnerabilities into the selected scripts.
16 Citations
20 Claims
-
1. A method comprising:
-
identifying a set of known vulnerabilities and a set of new vulnerabilities in an asset; selecting one or more scripts comprising checks for vulnerabilities included in a union of the set of known vulnerabilities and the set of new vulnerabilities; and using the selected scripts to scan the asset. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. An apparatus comprising:
-
a memory element configured to store data; and a processor operable to execute instructions associated with the data, wherein the apparatus is configured for; identifying a set of known vulnerabilities and a set of new vulnerabilities in an asset; selecting one or more scripts comprising checks for vulnerabilities included in a union of the set of known vulnerabilities and the set of new vulnerabilities; and using the selected scripts to scan the asset. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. Logic encoded in non-transitory media that includes code for execution and when executed by a processor is operable to perform operations comprising:
-
identifying a set of known vulnerabilities and a set of new vulnerabilities in an asset; selecting one or more scripts comprising checks for vulnerabilities included in a union of the set of known vulnerabilities and the set of new vulnerabilities; and using the selected scripts to scan the asset. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification